diff --git a/package.json b/package.json index aa07bf2..5034fd6 100644 --- a/package.json +++ b/package.json @@ -14,8 +14,8 @@ "@adobe/aio-lib-core-errors": "^4.0.0", "@adobe/aio-lib-core-logging": "^3.0.0", "fetch-retry": "^5.0.4", - "http-proxy-agent": "^4.0.1", - "https-proxy-agent": "2.2.4", + "http-proxy-agent": "^7", + "https-proxy-agent": "^7", "node-fetch": "^2.6.4", "proxy-from-env": "^1.1.0" }, diff --git a/src/ProxyFetch.js b/src/ProxyFetch.js index 780816d..192ad72 100644 --- a/src/ProxyFetch.js +++ b/src/ProxyFetch.js @@ -13,12 +13,30 @@ const loggerNamespace = '@adobe/aio-lib-core-networking:ProxyFetch' const logger = require('@adobe/aio-lib-core-logging')(loggerNamespace, { level: process.env.LOG_LEVEL }) const originalFetch = require('node-fetch') const { codes } = require('./SDKErrors') -const HttpProxyAgent = require('http-proxy-agent') -const HttpsProxyAgent = require('https-proxy-agent') +const { HttpProxyAgent } = require('http-proxy-agent') +const { HttpsProxyAgent } = require('https-proxy-agent') const { urlToHttpOptions } = require('./utils') /* global Response, Request */ +/** + * HttpsProxyAgent needs a patch for TLS connections. + * It doesn't pass in the original options during a SSL connect. + * + * See https://github.com/TooTallNate/proxy-agents/issues/89 + * An alternative is to use https://github.com/delvedor/hpagent + */ +class PatchedHttpsProxyAgent extends HttpsProxyAgent { + constructor (proxyUrl, opts) { + super(proxyUrl, opts) + this.savedOpts = opts + } + + async connect (req, opts) { + return super.connect(req, { ...this.savedOpts, ...opts }) + } +} + /** * @private * @@ -35,19 +53,15 @@ function proxyAgent (resourceUrl, authOptions) { proxyOpts.auth = `${username}:${password}` } - // the passing on of this property to the underlying implementation only works on https-proxy-agent@2.2.4 - // this is only used for unit-tests and passed in the constructor proxyOpts.rejectUnauthorized = rejectUnauthorized if (rejectUnauthorized === false) { logger.warn(`proxyAgent - rejectUnauthorized is set to ${rejectUnauthorized}`) } - proxyOpts.ALPNProtocols = ['http/1.1'] - if (resourceUrl.startsWith('https')) { - return new HttpsProxyAgent(proxyOpts) + return new PatchedHttpsProxyAgent(proxyUrl, proxyOpts) } else { - return new HttpProxyAgent(proxyOpts) + return new HttpProxyAgent(proxyUrl, proxyOpts) } }